Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/c97fcf-1a8d-4ac9-bfea-b234dd6ed637/1/_SZqu50K4eWrhWCuuBa1WFjcVk0.roa
File: _SZqu50K4eWrhWCuuBa1WFjcVk0.roa (raw, json)
Hash identifier: rm3DoYf3rU1SIFB1g2PjjZid+BDTeVRKU9jjET4BL3o=
Subject key identifier: FD:26:6A:BB:9D:0A:E1:E5:AB:85:60:AE:B8:16:B5:58:58:DC:56:4D
Certificate issuer: /CN=16497d8453c5ee3ebbb388e1a47a195ff30fe009
Certificate serial: 0718E67B
Authority key identifier: 16:49:7D:84:53:C5:EE:3E:BB:B3:88:E1:A4:7A:19:5F:F3:0F:E0:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Fkl9hFPF7j67s4jhpHoZX_MP4Ak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/c97fcf-1a8d-4ac9-bfea-b234dd6ed637/1/_SZqu50K4eWrhWCuuBa1WFjcVk0.roa
Signing time: Sat 01 Jan 2022 10:00:26 +0000
ROA not before: Sat 01 Jan 2022 10:00:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207983
IP address blocks: 193.33.165.0/24 maxlen: 24
193.33.164.0/24 maxlen: 24
193.33.205.0/24 maxlen: 24
193.33.204.0/24 maxlen: 24
2a0f:640::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 119072379 (0x718e67b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=16497d8453c5ee3ebbb388e1a47a195ff30fe009
Validity
Not Before: Jan 1 10:00:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fd266abb9d0ae1e5ab8560aeb816b55858dc564d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:2d:81:76:34:d5:17:3d:10:da:91:65:33:54:
96:5b:b3:56:cd:d4:c1:10:d7:18:c4:9a:59:f2:43:
f7:e4:73:52:ea:62:06:e4:9c:25:b8:24:9e:05:24:
4b:fa:41:c7:05:ca:eb:fd:b3:8f:e6:18:96:fb:12:
99:3d:55:22:b0:7c:76:65:aa:67:1a:db:73:02:26:
24:2b:c2:3f:ca:bc:ac:50:e8:86:47:3d:96:41:2f:
83:e3:ee:95:b8:e2:3d:30:22:08:2a:ea:a0:b9:12:
81:41:ae:36:23:75:42:48:cf:79:5c:ec:89:39:11:
a1:14:83:b1:78:e0:92:0b:33:79:32:bf:eb:09:fc:
b7:87:1e:4c:6b:bd:3f:d0:a5:c0:e9:b6:53:6d:48:
d9:93:06:e4:0b:5f:c7:6a:67:d5:76:91:f4:be:e1:
4a:b9:4d:09:47:9e:f1:f7:12:4d:55:7a:66:65:e5:
e1:25:5e:7e:75:91:c5:43:b1:07:84:88:32:30:d2:
e6:a2:15:be:43:78:5d:3b:47:78:b2:7f:25:f4:f8:
d1:ca:26:57:6f:46:1b:44:d2:a7:f7:db:84:e6:87:
44:59:c8:02:c4:48:41:7b:c5:8c:1c:06:9d:94:a4:
fb:93:20:24:0a:f9:93:31:02:96:82:7b:25:44:4d:
5f:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:26:6A:BB:9D:0A:E1:E5:AB:85:60:AE:B8:16:B5:58:58:DC:56:4D
X509v3 Authority Key Identifier:
keyid:16:49:7D:84:53:C5:EE:3E:BB:B3:88:E1:A4:7A:19:5F:F3:0F:E0:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Fkl9hFPF7j67s4jhpHoZX_MP4Ak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/c97fcf-1a8d-4ac9-bfea-b234dd6ed637/1/_SZqu50K4eWrhWCuuBa1WFjcVk0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/c97fcf-1a8d-4ac9-bfea-b234dd6ed637/1/Fkl9hFPF7j67s4jhpHoZX_MP4Ak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.33.164.0/23
193.33.204.0/23
IPv6:
2a0f:640::/48
Signature Algorithm: sha256WithRSAEncryption
9a:c2:c2:ba:8b:5e:2e:cb:8a:96:e8:b8:36:f6:51:9a:c2:a0:
b8:11:a4:0a:42:c7:59:02:48:8f:59:4b:35:5a:2c:bf:8c:8a:
24:c5:2d:24:d7:90:69:b7:9c:14:b8:7b:7e:63:cf:1a:89:98:
64:fc:1c:36:1e:32:31:8e:18:36:49:cb:7f:e6:dc:c4:52:92:
a1:22:5c:38:4d:b5:fc:af:f6:8e:7f:e5:6d:7a:66:3e:13:30:
3d:bc:f6:5a:f2:6d:eb:d4:85:44:4a:86:1e:05:99:81:71:76:
8f:e8:94:2b:c2:3c:d4:c8:c3:1e:5b:b2:0d:3d:f9:61:44:ba:
26:76:09:e2:c3:a6:5f:43:ba:dd:ee:81:d0:57:b2:2d:e0:de:
bc:7d:76:a9:7f:ed:90:30:55:01:7a:88:10:83:62:85:0a:6f:
17:ad:46:80:e0:b6:2b:1c:26:fa:83:24:9b:24:23:f6:8d:8c:
99:cc:a5:a7:09:d8:34:c1:30:3d:61:eb:33:ae:7d:fc:66:68:
2a:e5:03:01:0c:07:e7:93:09:db:97:f6:81:be:fd:4a:2a:ac:
3e:35:51:12:b8:ce:e9:91:96:8d:52:96:ec:1a:12:7a:98:c7:
66:94:86:a2:8d:3a:7a:4f:9c:e8:77:00:6f:b9:90:23:34:59:
17:40:39:3b
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIEBxjmezANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
NjQ5N2Q4NDUzYzVlZTNlYmJiMzg4ZTFhNDdhMTk1ZmYzMGZlMDA5MB4XDTIyMDEw
MTEwMDAyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmQyNjZhYmI5ZDBh
ZTFlNWFiODU2MGFlYjgxNmI1NTg1OGRjNTY0ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALItgXY01Rc9ENqRZTNUlluzVs3UwRDXGMSaWfJD9+RzUupi
BuScJbgkngUkS/pBxwXK6/2zj+YYlvsSmT1VIrB8dmWqZxrbcwImJCvCP8q8rFDo
hkc9lkEvg+PulbjiPTAiCCrqoLkSgUGuNiN1QkjPeVzsiTkRoRSDsXjgkgszeTK/
6wn8t4ceTGu9P9ClwOm2U21I2ZMG5Atfx2pn1XaR9L7hSrlNCUee8fcSTVV6ZmXl
4SVefnWRxUOxB4SIMjDS5qIVvkN4XTtHeLJ/JfT40comV29GG0TSp/fbhOaHRFnI
AsRIQXvFjBwGnZSk+5MgJAr5kzECloJ7JURNX6UCAwEAAaOCAiAwggIcMB0GA1Ud
DgQWBBT9Jmq7nQrh5auFYK64FrVYWNxWTTAfBgNVHSMEGDAWgBQWSX2EU8XuPruz
iOGkehlf8w/gCTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0ZrbDloRlBGN2o2N3M0amhwSG9aWF9NUDRBay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDQvYzk3ZmNmLTFhOGQtNGFjOS1iZmVhLWIyMzRkZDZlZDYzNy8x
L19TWnF1NTBLNGVXcmhXQ3V1QmExV0ZqY1ZrMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDQv
Yzk3ZmNmLTFhOGQtNGFjOS1iZmVhLWIyMzRkZDZlZDYzNy8xL0ZrbDloRlBGN2o2
N3M0amhwSG9aWF9NUDRBay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA2
BggrBgEFBQcBBwEB/wQnMCUwEgQCAAEwDAMEAcEhpAMEAcEhzDAPBAIAAjAJAwcA
Kg8GQAAAMA0GCSqGSIb3DQEBCwUAA4IBAQCawsK6i14uy4qW6Lg29lGawqC4EaQK
QsdZAkiPWUs1Wiy/jIokxS0k15Bpt5wUuHt+Y88aiZhk/Bw2HjIxjhg2Sct/5tzE
UpKhIlw4TbX8r/aOf+VtemY+EzA9vPZa8m3r1IVESoYeBZmBcXaP6JQrwjzUyMMe
W7INPflhRLomdgniw6ZfQ7rd7oHQV7It4N68fXapf+2QMFUBeogQg2KFCm8XrUaA
4LYrHCb6gySbJCP2jYyZzKWnCdg0wTA9Yeszrn38Zmgq5QMBDAfnkwnbl/aBvv1K
Kqw+NVESuM7pkZaNUpbsGhJ6mMdmlIaijTp6T5zodwBvuZAjNFkXQDk7
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:26 2023 by rpki-client on console-ams.rpki-client.org